RE: DoS test on specific TCP Port

["Shenk, Jerry A" <jshenk () decommunications com>]

A new tool for me is scapy...with some scripting, you can send all kinds of odd stuff.

-----Original Message-----
From: Benjamin Greenfield <bcg () struxural com>
Sent: Friday, July 17, 2009 4:45 PM
To: shankar.arjunan () gmail com <shankar.arjunan () gmail com>
Cc: pen-test () securityfocus com <pen-test () securityfocus com>
Subject: Re: DoS test on specific TCP Port

You can try using hping3 to send out all sorts of traffic in all kinds
of different frequencies and bursts.   However, the first thing you
should do is verify with your client that they consent to you trying a
DoS attack.  Depending on application / service / OS is connected to
that port there may be particular vulnerabilities and / or exploits
that result in DoS conditions as well.

As far as determining the effectiveness of the attack, you'd need to
log all the incoming responses and evaluate them I suppose.  I would
expect subtle differences would account for things like an IPS
blacklisting your IP versus the host actually going offline or slowing
due to load, and depending on the specifics it may not actually be
possible to determine what precisely occurred target-side happened.

Seriously, verify that the client wants you to test a DoS first though...


On Thu, Jul 16, 2009 at 9:18 PM, <shankar.arjunan () gmail com> wrote:
> Dear All,
>
> I am performing a pentest on server, can anyone tell me if there is any script or tool or a method available to test 
> a specific TCP port (eg: 1310) for server load test by doing DoS/DDoS type attacks.  This is to check how the server 
> responds for attack on specific port, any possibilities of server going down or to check any degrade of performance.
>
> Please advice.
>
> Regards
> Shankar
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the individual or entity to which 
they are addressed and may contain information that is privileged, proprietary and confidential. If you are not the 
intended recipient, you may not use, copy or disclose to anyone the message or any information contained in the 
message. If you have received this communication in error, please notify the sender and delete this e-mail message. The 
contents do not represent the opinion of D&E except to the extent that it relates to their official business.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------